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- The MAILING DATE of this communication appears on the cover sheet with the correspondence address -- 
Period for Reply 



A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) FROM 
THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1.136(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If the period for reply specified above is less than thirty (30) days, a reply within the statutory minimum of thirty (30) days will be considered timely. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133). 
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1.704(b). 

Status 

1 )KI Responsive to communication(s) filed on 24 March 2004 . 
2a)D This action is FINAL, 2b)^ This action is non-final. 

3) D Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1935 CD. 11, 453 O.G. 213, 

Disposition of Claims 

4) [3 Claim(s) 1-23 and 35-57 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) ^ Claim(s) 35-40 and 56 is/are allowed. 

6) K Claim(s) 1-17,41-54. and 57 is/are rejected. 

7) [3 Claim(s) 78-23 and 55 is/are objected to. 

8) D Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) D The specification is objected to by the Examiner. 

10)K The drawing(s) filed on 6 June 2000 is/are: a)£3 accepted or b)Q objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1 .85(a). 

Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 
1 1 )□ The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-1 52. 

Priority under 35 U.S.C. § 119 

12)D Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 1 19(a)-(d) or (f). 
a)D All b)D Some * c)D None of: 

1 0 Certified copies of the priority documents have been received. 

2.0 Certified copies of the priority documents have been received in Application No. . 

3.Q Copies of the certified copies of the priority documents have been received in this National Stage 
application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 
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DETAILED ACTION 

1 . In response to the most recent office action, the first action on the merits, 
Applicant has amended claim 19 and added claims 52-57. 

2. Claims 1-23 and 35-57 have been examined. 



Drawings 

3. In view of the amendments to the specification, all previous objections to the 
drawings have been withdrawn. 

Specification 

4. All previous objections to the specification are withdrawn. 

Claim Rejections - 35 USC §112 

The following is a quotation of the second paragraph of 35 U.S.C. 112: 

The specification shall conclude with one or more claims particularly pointing out and distinctly 
claiming the subject matter which the applicant regards as his invention. 

5. All previous rejections under 35 U.S.C. 112 are withdrawn. 





Application/Control Number: 09/588,367 



Page 3 



Art Unit: 2134 

6. Claim 53 is rejected under 35 U.S.C. 112, second paragraph, as being 
incomplete for omitting essential structural cooperative relationships of elements, such 
omission amounting to a gap between the necessary structural connections. See 
MPEP § 2172.01. The omitted structural cooperative relationships are: It is unclear how 
the "software modules previously stored" or the "updated versions of software 
previously stored" relate to the other parts of the claimed invention. 



The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that 
form the basis for the rejections under this section made in this Office action: 
A person shall be entitled to a patent unless - 

(b) the invention was patented or described in a printed publication in this or a foreign country or in public 
use or on sale in this country, more than one year prior to the date of application for patent in the United 



7. Claims 1-3, 5, 41, 43-45, and 48-50 are rejected under 35 U.S.C. 102(b) as being 
anticipated by U.S. Patent No. 5,790,677 to Fox et al. 

As per claim 1 , the transaction system disclosed by Fox includes a credential 
binding server (the configuration server) that registers and transmits configuration 
information to a set of computing units (transaction processing devices) over a public 
network, using cryptography (see column 2, lines 8-52). 



Claim Rejections - 35 USC § 102 



States. 



Application/Control Number: 09/588,367 Page 4 

Art Unit: 2134 

As per claim 2, the transaction device sends encrypted information to the binding 

server. 

As per claim 3, the credential binding server uses encryption in generating 
credential information to send to the transaction processing devices (see column 1 1 , 
lines 11-38). 

As per claim 5 f the encryption means of the computing units are internal to them. 

As per claim 41 , Fox discloses the use of stand-alone computers, such as PC's, 
as terminals (see column 2, lines 44-48). The system may configure with respect to 
particular user accounts (see column 22, line 48 to column 23, line 55). 

As per claims 43 and 44, credit card and debit card transactions are supported 
(see column 22, lines 33-44). 

As per claim 45, the example given is a point of sale transaction. 

As per claim 48, a card reader on the terminal is disclosed (see column 17, lines 
10-15). 

Regarding claim 49, any system that is able to run on a public network is also 
inherently able to run on a private network. 

As per claim 50, the system disclosed by Fox may be run using more than one 
network (see column 5, line 64 to column 6, line 4). 



Claim Rejections - 35 USC § 103 
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The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

8. Claims 4, 6-17, 42, 46, 47, and 51 are rejected under 35 U.S.C. 103(a) as being 
unpatentable over U.S. Patent No. 5,790,677 to Fox et al. 

Though the system disclosed by Fox is disclosed to be usable over a public 
network, Fox does not specify the protocol to be used over the public network. 

Regarding claims 6 and 42, official notice is given that TCP/IP is the most 
common Layer 3 protocol used on public networks, including the Internet. 

Regarding claims 4 and 8, implementations of the TCP/IP protocol inherently 
include protocol stacks on all connected nodes. 

Therefore, it would be obvious to one of ordinary skill in the art at the time the 
invention was made to implement the system disclosed by Fox using TCP/IP as the 
Layer 3 protocol, as it is the most widely-used public network protocol. 

As per claim 7, the credential binding server is a configuration module. 

As per claims 9, 1 1, and 13, the credential binding server issues certificates for 
each transaction processing device, and sends them over the network to the respective 
terminals. 
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As per claim 10, 12, 14, and 17, the credential binding server generates a 
certificate for the binding server to send back to each transaction processing device 
(see column 1 1 , lines 24-38). 

Regarding claims 15 and 16, any module that performs encryption inherently 
uses a cryptographic algorithm. 

Regarding claims 46 and 47, is official notice is given that it is well-known in the 
art that communications protocol stacks and cryptographic modules may be 
implemented in hardware, in order to reduce execution time. 

Therefore, it would obvious to one of ordinary skill in the art at the time the 
invention was made to implement the communications protocol stacks and 
cryptographic modules in the invention disclosed by Fox in hardware, in order to reduce 
execution time. 

Regarding claim 51, official notice is given that, in systems having multiple 
network interfaces, the method of sending of packets through different interfaces 
depending upon the destinations, in order to reduce transmission time, cost, or network 
congestion, is well-known in the art. 

Therefore, it would obvious to one of ordinary skill in the art at the time the 
invention was made to implement the invention disclosed by Fox by sending packets 
over each interface, as determined by the respective destinations, in order to reduce 
transmission time, cost, or network congestion. 
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9. Claims 52-54 and 57 are rejected under 35 U.S.C. 103(a) as being unpatentable 
over U.S. Patent No. 5,790,677 to Fox et al. as applied to claims 1 and 41 above, and 
further in view of U.S. Patent No. 5,745,705 to Iguchi. 

Fox only discloses the sending of credentials, and not the sending of initialization 
data to terminals. 

Iguchi discloses a set of POS terminals connected over a public communication 
line (see column 4, lines 27-30) to a configuration server ("controller"), which is 
responsible for the configuration of the terminals, sending initialization data that is 
installed during the power-on cycle to update the systems (see column 5 f lines 31-53). 
The received data is stored in a maintenance storage means (a database services 
module) and is installed according to the determination of a maintenance data setting 
(the software module). Iguchi further suggests that this is done in order to provide a 
POS system which enables the executable program and setting to be altered at any 
time (see column 4, lines 6-8). 

Therefore it would be obvious to one of ordinary skill in the art at the time the 
invention was made to modify the invention of Fox by adding the functionality disclosed 
by Iguchi to the binding server and terminals, in order to provide a POS system which 
enables the executable program and setting to be altered at any time. 



Allowable Subject Matter 
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10. Claims 18-23 and 55 are objected to as being dependent upon a rejected base 
claim, but would be allowable if rewritten in independent form including all of the 
limitations of the base claim and any intervening claims. 

1 1 . The following is a statement of reasons for the indication of allowable subject 
matter: Applicant has persuasively argued that Fox does not anticipate claim 18, and 
no art was found that would make it obvious for the security module to extract the key 
from the certificates rather than simply using the registration data. 

Claims 19-23 and 55 would be allowable based upon their dependence on claim 

18. 

12. Claims 35-40 and 56 are allowed. 

13. The following is an examiner's statement of reasons for allowance: Claim 35 is 
allowable for the reasons stated in Applicant's second argument regarding claim 35 
(see Paper No. 7, p. 29). 

Claims 36-40 and 56 are allowable based upon their dependence upon an 
allowable base claim. 

Any comments considered necessary by applicant must be submitted no later 
than the payment of the issue fee and, to avoid processing delays, should preferably 
accompany the issue fee. Such submissions should be clearly labeled "Comments on 
Statement of Reasons for Allowance." 
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Response to Arguments 



14. Applicant's arguments, see Paper No. 7, filed 24 March 2004, with respect to the 
rejection of claim 41 under 35 U.S.C. 112 have been fully considered and are 
persuasive. The rejections under 35 U.S.C. 112 have been withdrawn. 

15. Applicant's arguments, see Paper No. 7, filed 24 March 2004, with respect to 
claims 18 and 35 have been fully considered and are persuasive. The rejections of 
claims 18-23 and 35-40 have been withdrawn. 

16. Applicant's arguments filed 24 March 2004 with respect to the remaining claims 
have been fully considered and are not persuasive. 

Regarding the rejections under 35 U.S.C. 102 to claims 1 and 41 (see Paper No. 
7, pp. 17-1 9), the credentials that are sent back from the binding server to the multiple 
computing units are used by the units to enable them to transact with the system in 
general, and therefore constitute configuration information. Since the description 
specifying "configuration" in Applicant's specification recites data fields in an open- 
ended manner, any data field that is to be used to generally enable future transactions 
can also be treated as such. 

Regarding the rejection under 35 U.S.C. 102 to claim 50 (see Paper No. 7, p. 
20), Fox discloses that multiple networks may be used, and enumerates a public 
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network, as well as several types of networks that are commonly implemented privately. 
Given that public and private networks are interoperable, and since Fox makes no 
suggestion that these types of networks would be mutually exclusive, it is therefore 
inherent that Fox's system can be implemented using both public and private networks. 

Regarding the rejection under 35 U.S.C. 103 to claims 4, 6-23, 42, 46, 47, and 51 
(see Paper No. 7, pp.21 -22), the use of Fox's system in the context of a public network 
is disclosed. Since the user of a system cannot necessarily control the equipment used 
in such a situation, there is clear an advantage to using communications protocols and 
topologies that are already in wide public use, since it affords more frequent 
interoperability with other equipment. The simple fact that the Internet is widely used by 
the public is therefore motivation in and of itself. 

Regarding the rejection under 35 U.S.C. 103 to claim 7 (see Paper No. 7, p. 23), 
the rejection as written incorporates the rejection of base claim 3. Claim 7 only specifies 
that a configuration module contain the second cryptographic services module of claim 
3. Since a module is simply a collection of routines and data structures dedicated to a 
particular task (see Microsoft Computer Dictionary, Fifth Edition, p. 346), the disclosure 
of a cryptographic services module render the existence of a configuration module to be 
obvious; claim 7 therefore stands or falls with its parent claims, and no further citation is 
necessary. 

All communications using the Internet must use the TCP/IP (Transmission 
Control Protocol / Internet Protocol) protocol, which inherently contains at least one 
protocol stack at each node. 
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Regarding the rejections of claims 11,13, and 15 (see Paper No. 7, pp. 23-24), 
no additional citation is given because the reference is cited in base claim 1. The unique 
credential of column 2, line 35 clearly constitutes a terminal certificate. The credential 
generated by the binding server is, at least temporarily, stored within the binding server 
before being transmitted to the appropriate participants. Since the set of all functions 
and data necessary for cryptographic activities comprise a cryptographic services 
module, the credential, which is solely used for cryptography, is stored there. 

Regarding the rejections of claims 10, 12, 14, and 16 (see Paper No. 7, p. 24), 
the binding server comprises the certificate manager and the configuration server, 
which, being in the same system, are communicatively connected. The storing of the 
certificate in the second cryptographic services module is discussed with respect to 
claims 11, 13, and 15, above. 

Regarding to Applicant's objection to the communication of the rejection to claims 
35-40 (see Paper No. 7, pp. 27-28), the Examiner, noting that all but one of the 
limitations taught to features of the invention that had previously been discussed, 
elected to not repeat the details for the sake of brevity. The claims, however, are now 
found to be allowable, for the reasons described above. 

Conclusion 



17. Applicant's amendment necessitated the new ground(s) of rejection presented in 
this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP 
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§ 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 
CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1.136(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the date of this final action. 

18. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Matthew E. Heneghan, whose telephone number is 
(703) 305-7727. The examiner can normally be reached on Monday-Thursday from 
8:00 AM - 4:00 PM Eastern Time. The examiner can also be reached on alternate 
Fridays. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Gregory Morse, can be reached on (703) 308-4789. 

Any response to this action should be mailed to: 

Commissioner of Patents and Trademarks 
P.O. Box 1450 
Alexandria, VA 22313-1450 
Or faxed to: 

(703) 872-9306 

Hand-delivered responses should be brought to Crystal Park 2, 2121 Crystal 
Drive, Arlington, VA 22202, Fourth Floor (Receptionist). 
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Any inquiry of a general nature or relating to the status of this application or 
proceeding should be directed to the receptionist whose telephone number is (703) 305- 
3900. 



MEH /^V 
May 26, 2004 



y Gregory morse 

SUPERVISORY PATENT EXAMINER 
TECHNOLOGY CENTER 2100 



